Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
File:                     QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft (raw, json)
Hash identifier:          Qw9QJtMf5gAyoQZvkZiQyRQPHRj0FIAGg27Sf1WCe7M=
Subject key identifier:   F0:16:75:EA:F7:FD:0D:CD:7E:A4:B4:8B:D4:7B:CF:8F:D3:15:C8:DD
Authority key identifier: 41:78:5C:B5:FC:6B:40:FD:F1:4F:72:A6:D2:5F:41:43:C1:7C:31:7C
Certificate issuer:       /CN=41785cb5fc6b40fdf14f72a6d25f4143c17c317c
Certificate serial:       019CAD59FB23926573B5FF339C5F93BCFFD4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
Manifest number:          17D7
Signing time:             Mon 02 Mar 2026 07:01:21 +0000
Manifest this update:     Mon 02 Mar 2026 07:01:21 +0000
Manifest next update:     Tue 03 Mar 2026 07:01:21 +0000
Files and hashes:         1: QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl (hash: uMZ+ZZMscOLJRsE/E2+Tl8D8dE0Uo9km8sECxIf+9Y4=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 03 Mar 2026 07:01:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:ad:59:fb:23:92:65:73:b5:ff:33:9c:5f:93:bc:ff:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41785cb5fc6b40fdf14f72a6d25f4143c17c317c
        Validity
            Not Before: Mar  2 07:01:21 2026 GMT
            Not After : Mar  3 07:01:21 2026 GMT
        Subject: CN=f01675eaf7fd0dcd7ea4b48bd47bcf8fd315c8dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:88:ea:e4:ad:34:af:06:f0:ad:82:68:20:f5:
                    8e:5d:d1:01:cb:fc:71:d9:3b:d0:df:f8:a3:26:3c:
                    88:e6:66:1e:4a:06:e8:08:6f:e5:a9:68:02:96:3d:
                    f6:34:a0:f0:4b:31:24:be:0c:86:3e:33:60:21:90:
                    9a:75:66:82:9b:ce:62:61:3a:5c:a5:06:a6:d9:5b:
                    f4:c2:e8:c8:c8:34:9f:1e:d0:10:24:5a:f1:73:ae:
                    7f:b2:a5:3f:57:b3:15:de:69:51:06:2c:1d:4e:57:
                    ba:2e:89:73:1b:b9:0b:ad:03:fa:2f:bc:81:17:cb:
                    40:e6:c2:d8:d3:37:9a:94:10:b5:5f:be:35:9b:74:
                    b2:c7:96:bc:eb:d2:91:d9:47:3d:85:d8:16:e3:5e:
                    1c:cd:c0:28:dd:06:4f:f0:5f:71:da:40:ea:fd:5d:
                    f3:17:ce:8e:99:dd:c0:9e:c0:ba:ca:b6:d9:63:36:
                    ac:f8:fe:ff:93:d9:41:a4:11:2a:d9:ca:5c:1c:b3:
                    d8:dd:99:ac:74:4a:31:27:c5:ae:2c:2c:a7:56:4c:
                    09:1c:b7:e5:51:99:89:ab:de:b3:00:77:c0:99:1f:
                    f3:85:6a:ee:dc:c2:d7:35:c7:d8:55:8e:37:ad:3b:
                    2a:07:67:1c:bc:a5:ee:97:85:dc:bd:0d:40:43:47:
                    7f:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:16:75:EA:F7:FD:0D:CD:7E:A4:B4:8B:D4:7B:CF:8F:D3:15:C8:DD
            X509v3 Authority Key Identifier:
                keyid:41:78:5C:B5:FC:6B:40:FD:F1:4F:72:A6:D2:5F:41:43:C1:7C:31:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:74:56:54:6f:2e:f9:73:9d:b0:38:c1:e0:c5:26:7b:39:98:
         bb:c6:21:c0:46:77:bd:47:b6:8d:18:73:dd:c4:a9:65:a2:31:
         23:fd:58:fb:52:91:b5:2a:04:22:94:33:81:f1:e4:ba:d4:00:
         31:b0:3a:82:28:d6:6e:a8:43:44:59:c0:5e:fc:5c:c9:45:47:
         d9:b2:dc:d2:f5:5d:bc:02:f0:49:9c:89:4f:bb:b0:c3:a1:6e:
         61:f4:38:e3:9c:48:ae:21:b9:2f:51:69:9e:28:5d:25:c4:92:
         29:4a:bb:5b:89:09:21:85:13:3e:7c:c1:8d:07:e8:de:df:33:
         69:fe:81:f1:be:30:7b:d9:f0:a0:47:b8:7a:2e:81:e1:90:44:
         7c:51:7d:5a:9f:71:af:7a:10:49:88:fd:e9:24:53:a4:1e:b4:
         95:ec:c3:80:ac:b7:97:04:d4:73:73:63:9f:75:ef:39:e0:0e:
         75:cf:84:e3:4a:57:6f:b5:ed:a8:19:5c:da:28:c9:4f:62:77:
         d2:f4:b0:6c:45:13:d7:bb:ba:6b:33:2d:4c:e3:a7:34:d9:c3:
         db:4a:72:f0:cb:b6:e2:f6:15:72:b3:4e:03:8c:e2:f9:81:61:
         29:c0:60:af:b8:e2:d4:34:45:af:68:a7:67:f3:cb:41:c6:4b:
         22:8a:d5:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWfsjkmVztf8znF+TvP/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzg1Y2I1ZmM2YjQwZmRmMTRmNzJhNmQyNWY0MTQzYzE3
YzMxN2MwHhcNMjYwMzAyMDcwMTIxWhcNMjYwMzAzMDcwMTIxWjAzMTEwLwYDVQQD
EyhmMDE2NzVlYWY3ZmQwZGNkN2VhNGI0OGJkNDdiY2Y4ZmQzMTVjOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIjq5K00rwbwrYJoIPWOXdEBy/xx
2TvQ3/ijJjyI5mYeSgboCG/lqWgClj32NKDwSzEkvgyGPjNgIZCadWaCm85iYTpc
pQam2Vv0wujIyDSfHtAQJFrxc65/sqU/V7MV3mlRBiwdTle6LolzG7kLrQP6L7yB
F8tA5sLY0zealBC1X741m3Syx5a869KR2Uc9hdgW414czcAo3QZP8F9x2kDq/V3z
F86Omd3AnsC6yrbZYzas+P7/k9lBpBEq2cpcHLPY3ZmsdEoxJ8WuLCynVkwJHLfl
UZmJq96zAHfAmR/zhWru3MLXNcfYVY43rTsqB2ccvKXul4XcvQ1AQ0d/sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPAWder3/Q3NfqS0i9R7z4/TFcjdMB8GA1UdIwQY
MBaAFEF4XLX8a0D98U9yptJfQUPBfDF8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hZTM4NDAtN2RkYS00ODJlLWEyNGUt
ZTQ2ZWM1YjliMDZjLzEvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hZTM4NDAtN2RkYS00ODJlLWEyNGUtZTQ2ZWM1YjliMDZj
LzEvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFHRWVG8u
+XOdsDjB4MUmezmYu8YhwEZ3vUe2jRhz3cSpZaIxI/1Y+1KRtSoEIpQzgfHkutQA
MbA6gijWbqhDRFnAXvxcyUVH2bLc0vVdvALwSZyJT7uww6FuYfQ445xIriG5L1Fp
nihdJcSSKUq7W4kJIYUTPnzBjQfo3t8zaf6B8b4we9nwoEe4ei6B4ZBEfFF9Wp9x
r3oQSYj96SRTpB60lezDgKy3lwTUc3Njn3XvOeAOdc+E40pXb7XtqBlc2ijJT2J3
0vSwbEUT17u6azMtTOOnNNnD20py8Mu24vYVcrNOA4zi+YFhKcBgr7ji1DRFr2in
Z/PLQcZLIorVOg==
-----END CERTIFICATE-----